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unsealing the content key, as well as decrypting the content. In an exemplary embodiment, the 
content in a level 5 title is encrypted with a synmietric key, the symmetric key is encrypted 
with a public key contained in an activation certificate, the encrypted symmetric key is sealed 
with the title, and the activation certificate's private key is contained in the activation 
5 certificate in a form encrypted by the public key of secure repository 82. In this example, 
secure repository 82 decrypts Uie activation certificate's private key tismg the private key of 
secure repository 82, and then the activation certificate's private key is used to decrypt the 
symmetric key, A systeni and method for, creating secure repository 82 is described in 

— p4e&^- i)o Ala DRJM^^^ 

Sffttomey Dorkfft Number MSFT-01 26^filed concurrently herewith and expressly incorporated 

10 by reference in its entirety. 

The activation ACTIVEX control 84 is a component used by the client 
computing device during the activation process (see below). Preferably, ACTIVEX control 84 
is used by a browser (e.g., a MICROSOFT INTERNET EXPLORER browser), which, in turn, 
is hosted by reader 92 (although ACTIVEX control 84 could also work with a stand-alone 

15 browser.) The activation ACTIVEX control 84 exposes methods that provide for the 
validation of servers (e.g., the "activation server(s)") to which reader 92 (or the computing 
device on which it resides) is connected, computation of the hardware ID, downloading of 
secure repository 82 (and associated activation certificates), and authentication and 
installation of the downloaded executable. For example, reader 92 (or another software 

20 component) may contain instructions to detect whether reader 92 has been activated and, if it 
has not been activated, may issue one or more instructions to activation ACTIVEX control 84 
to perform the activation, and those instructions may include instructions to perform the acts 
listed above. 

The web commerce object 86 is distributed as both an ACTIVEX control and a 
25 NETSCAPE NAVIGATOR® plug-in. It may be used, via client-side scripting, by retailers 
when selling fully individualized copies (i.e;, Level 5 protected copies). This COM object 86 
is preferably wrapped by client side script functions, which abstract the actual methods and 
underlying differences between the plug-in and the ACTIVEX control. The key methods 
provided by the web commerce object 86 and its accompanying interface are: detection of the 
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a registry), for upload during commercial transactions. The PASSPORT™ ID is stored 
separately from the activation certificate (even though it may be included in die activation 
certificate) so that the stored PASSPORT ID may be compared with the PASSPORT ID in the 
activation certificate during the acquisition of a level 5 title, thereby helping to prevent theft 
of content. 

At step 192 it is determined whether the download of secure repository 82 and 
the activation certificate has succeeded. If not, an event is logged and the download is 
attempted again (steps 194 and 192). If the dovmload was successful, then at step 196, the 
user may be provided with a page that "congratulates" him/her on activating reader 92 and 
informing him/her that the activation process is complete. In one example, the page may 
include links where the user may obtain "promotional" or ^^free" eBooks. This link will 
change depending on the promotion (i.e., the server may download a different page with 
different links if the "promotion" changes). This link may also leverage a method exposed by. 
the Activation ACTIVEX Control 84 td return the user to the library page on the reader. The 
process then terminates at step 198. 

eCommerce Process Flow 

Referring now to FIG. 6, an overview of the basic process by which eBook 
titles are acquired and delivered online is described. It is noted that the reader of the present 
invention is adapted to interact and ppemte Avithin a server enviromnenl. Such an exemplary 
server envuronment is descnbed m^tt omef ^s DQcke ^n. - M R rT.nn<» ^ filed concurrently 
herewith, which is expressly incorporated by reference herein in its entirety. 

Using a browser or the "integrated bookstore" feature of reader 92, the user 
visits a retail site and chooses book(s) in a manner implemented by the retailer (step 200). For 
example, the site may provide a web page that displays (as links) various books that the user 
may wish to purchase. The user then pays for the titles (step 202), such as by submitting a 
credit card number (or by referencing a stored credit card number if the user has an account 
with the site; in one usage, the user's PASSPORT ID may reference such a number or 
account). The transaction concludes at step 204 witii a receipt page. The receipt page may 
contain information "confirming" the order or thanking the user for his/her order, and also 



